Apollo HealthAxis - Network Security Engineer - Firewall (5-8 yrs)

Role Overview :

We are seeking a highly skilled and experienced Network Security Engineer to join our team in Hyderabad. The ideal candidate will possess a strong background in designing, implementing, and managing secure network infrastructures.

This role demands a deep understanding of network protocols, firewall configurations, intrusion detection and prevention systems, and cutting-edge security tools.

The candidate will play a crucial role in safeguarding our organization's IT environment against threats, ensuring compliance, and continuously improving our security posture.

Key Responsibilities :

Network Security Design & Implementation :

- Design, deploy, and manage secure network architectures, including LAN, WAN, and cloud-based infrastructures.

- Configure and maintain firewalls, routers, VPNs, and other security appliances (i.e., Fortinet, Palo Alto, Cisco ASA).

Threat Management & Response :

- Monitor, detect, and respond to security incidents using SIEM tools like Splunk, QRadar, or LogRhythm.

- Analyze and mitigate vulnerabilities using tools like Nessus, Qualys, or OpenVAS.

Firewall and Policy Management :

- Develop, implement, and maintain firewall rules and security policies.

- Conduct regular audits of access controls and ensure adherence to best practices.

Intrusion Detection and Prevention :

- Configure and manage IDS/IPS solutions like Snort, Suricata, or Cisco Firepower to detect and block malicious activities.

Security Assessments :

- Perform penetration testing and vulnerability assessments to identify and mitigate risks.

- Lead the development of security incident response plans and conduct periodic drills.

Compliance & Governance :

- Ensure compliance with industry standards such as ISO 27001, NIST, or PCI-DSS.

- Generate and maintain documentation for security policies, procedures, and audits.

Collaboration & Training :

- Work closely with cross-functional teams to ensure secure application and system deployments.

- Provide security awareness training to staff and assist in the enforcement of security policies.

Required Skills and Qualifications :

Technical Expertise :

- Strong hands-on experience with firewalls (Fortinet, Palo Alto, Check Point, Cisco ASA).

- Advanced knowledge of IDS/IPS, SIEM tools (i.e., Splunk, QRadar), and endpoint protection systems.

- Proficiency in network protocols (TCP/IP, UDP, DNS, DHCP, SSL/TLS).

Cybersecurity Tools :

- Familiarity with vulnerability scanners (Nessus, Qualys, OpenVAS).

- Experience with DLP (Data Loss Prevention) solutions and threat hunting platforms.

Scripting and Automation :

- Proficiency in scripting languages like Python, Bash, or PowerShell for automating security tasks.

Cloud Security :

- Expertise in securing cloud platforms such as AWS, Azure, or Google Cloud (i.e., IAM, Security Groups, VPC).

Incident Response & Forensics :

- Strong understanding of security incident response and forensics methodologies.

Certifications : Industry-recognized certifications like CISSP, CEH, CCNA Security, CISM, or CompTIA Security+.

Soft Skills :

- Excellent problem-solving skills and the ability to work under pressure.

- Strong communication and collaboration skills for working across teams.

Preferred Skills and Experience :

- Familiarity with Zero Trust Architecture principles.

- Hands-on experience with automation tools like Ansible, Terraform, or Puppet for security workflows.

- Knowledge of OT/IoT security.

- Background in cryptography and PKI (Public Key Infrastructure).

- Experience in implementing Security Orchestration, Automation, and Response (SOAR) platforms.

- Publications, research, or active participation in cybersecurity forums or open-source projects